Subject: Re: Access Control Lists
To: None <tech-kern@netbsd.org>
From: Seth Long <s.seth.long@gmail.com>
List: tech-kern
Date: 05/02/2006 10:50:31

> Do you mean POSIX ACL's here?

Yes, or at least close enough to be compatible with FreeBSD.

> and exec?

Yes, that too.

> ok but how do you find these chunks of data on the media if there are
> no pointers to them?  How do you associate files in a file system with
> a blob entry?  How are the tools that need to manipulate the ACL
> entries going to find the ACL data on the media?

Still haven't figured out the details on this yet.  Basically, the
ACLs need to be stored in a file, or multiple files, but the files
shouldn't be visible to users of the system.  This could come in the
form of an extra file in each directory, where the file would have to be
invisible except to the ACL layer.

> iso9660?
> Also, are you considering applying the ACL's server side on NFS?

No, not server side.  One issue that might arise with this, though, is
that with multiple operating systems accessing the same files via NFS,
non-NetBSD OS's won't know about the ACLs.  As far as iso9660, I'm not
sure how useful ACLs on CDs are going to be, but they would work, and
somebody may find them useful.

> That sounds nice but how are you going to determine that the
> underlying file system supports ACL's?

In order to make that part work, the ACL layer would have to know how
to use the ACLs in the underlying filesystem as well, so it would
probably involve keeping a list of existing filesystems with ACL
support.  This part may well be beyond the possible scope of a summer
of code project, but it's ok if the graduate project has a couple
requirements that the summer of code project doesn't.

Thanks,

Seth

On 5/2/06, Brett Lymn <blymn@baesystems.com.au> wrote:
> On Mon, May 01, 2006 at 11:25:55PM -0700, Seth Long wrote:
> >
> > My plan for implementing ACL's is to come up with a generic "ACL
> > Layer" which exists just under VFS, and is capable of adding ACL
> > capability to any filesystem which currently works with NetBSD.
>
> Do you mean POSIX ACL's here?
>
> >  So
> > the ACL layer will have to determine, for each open call,
>
> and exec?
>
> > .  The ACL could be stored in the filesystem in files
> > without links from any directory, or somewhere like that.
>
> ok but how do you find these chunks of data on the media if there are
> no pointers to them?  How do you associate files in a file system with
> a blob entry?  How are the tools that need to manipulate the ACL
> entries going to find the ACL data on the media?
>
> >  This way
> > ACL's need implemented just once in order to provide ACL support in
> > FFS, NFS, iso9660, etc.
> >
>
> iso9660?  Also, are you considering applying the ACL's server side on
> NFS?
>
> > It would be nice to have the ACL layer recognize if the underlying
> > filesystem already has an ACL implementation and made use of this
> > existing implementation.  This way if a system had, say, an ext3
> > partition shared between NetBSD and Linux, both operating systems
> > would respect the permissions of the other.
>
> That sounds nice but how are you going to determine that the
> underlying file system supports ACL's?
>
> >
> > Does this seem like a reasonable project to finish in three months?
> >
>
> hard to say - possibly but we need to work on getting a better picture
> of what you are proposing.
>
> --
> Brett Lymn
>